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DETAILED ACTION 

Response to Amendment 

1 . This action is in response to the amendment filed on February 24, 2009. Claims 
1-15 were previously pending consideration. Per the received amendment no claims 
were added or cancelled. 

2. Claims 1-15 are currently pending consideration. 

Response to Arguments 

Applicant's arguments filed February 24, 2009 have been fully considered but 
they are not persuasive for the following reasons: 

Regarding claim 1 , the Applicant argues that the Cited Prior Art (CPA), Proudler 
(EP 1280042 A2), does not teach a second authorization data and a second verification 
data. This argument is not found persuasive. The first verification data is viewed as the 
integrity metric which is shown to authenticate the trusted platform (paragraph 0029). 
The second authorization data and the second verification data are delineated by the 
authentication data for validating the smart card (paragraph 0029-0030). This 
authentication procedure must present authorization data (from the smart card) and the 
result of the comparison is the verification data (authenticating the smart card). 
Therefore, this argument is not found persuasive. 

Regarding claim 7, the Applicant argues that the CPA does not teach a second 
unit comprising a central arithmetic unit and at least one memory. It is well-known in the 
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art that a smart card reader has an arithmetic unit for calculating and comparing 
authentication data. Therefore, this argument is not found persuasive. 

Regarding the dependent claims, the Applicant argues that the CPA does not 
teach jointly accessing a memory device. This argument is not found persuasive. The 
CPA discloses that the smart card reader has access to the appropriate volatile memory 
and non-volatile memory areas of the trusted device (paragraph 0030). Therefore, it is 
interpreted as jointly accessing the memory device. Therefore, the argument is not 
found persuasive. Finally, regarding claim 12, the Applicant argues that the smart card 
reader is not contactless. However, his is merely a design choice, and it is well-known 
in the art to use contactless smart cards. Therefore, the argument is not found 
persuasive. 

Therefore, the rejection is maintained as given below. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

Claims 1-15 are rejected under 35 U.S.C. 102(a) as being anticipated by 
Proudler et al. (EP 1280042 A2). 
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Regarding claim 1, Proudler discloses: 

A method of identifying and/or verifying hardware and/or software of an appliance 
and of a data carrier which is provided to cooperate with the appliance, comprising the 
following steps: 

transmitting first authorization data of the hardware and/or software to a first unit 
(paragraph 0016-0019, 0029-0030, 0041 , 0049-0051 : sends a nonce to the trusted 
device, and receives a response used to verify the trusted device); 

comparing the first authorization data of the hardware and/or software that has 
been transmitted to the first unit with first verification data stored in the first unit 
(paragraph 001 6: identity and integrity metric are compared with expected values 
provided by a trusted party) 

authorizing the hardware and/or software once it has been ascertained that there 
is coincidence between the first authorization data provided by the hardware and/or 
software and the first verification data stored in the first unit (paragraph 0016: identity 
and integrity metric are compared with expected values provided by a trusted party, and 
if there is a match, the device is trusted) 

transmitting second authorization data of a data carrier to a second unit 
(paragraph 0022, 0029, 0044: verification between a smart card and a trusted device); 

comparing the second authorization data in the second unit with second 
verification data stored in the second unit (paragraph 0022, 0029, 0044: verification 
between a smart card and a trusted device) 
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authorizing the data carrier if there is coincidence between the second 
authorization data and the second verification data stored in the second unit (paragraph 
0022, 0029, 0044: verification between a smart card and a trusted device) 

wherein a direct data exchange is carried out between the first unit and the 
second unit (paragraph 0041 , 0052: communication between the trusted device and the 
platform after logical binding). 

Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Proudler 
discloses: 

A method as claimed in claim 1, wherein the direct data exchange between the 
first unit and the second unit comprises a transmission of encrypted data and a 
comparison and/or decryption of data transmitted between the first unit and the second 
unit (paragraph 0019, paragraph 0051: cryptographic processes). 

Claim 3 is rejected as applied above in rejecting claim 1 . Furthermore, Proudler 
discloses: 

A method as claimed in claim 1 , wherein the data exchange between the first unit 
and the second unit is carried out prior to an identification and/or verification of first 
authorization data of the hardware and/or software and of second authorization data of 
the data carrier (paragraph 0041 , 0052: communication between the trusted device and 
the platform after logical binding). 
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Claim 4 is rejected as applied above in rejecting claim 1 . Furthermore, Proudler 
discloses: 

A method as claimed in claim 1, wherein a central arithmetic unit of the first unit 
and a central arithmetic unit of the second unit jointly access at least one ROM memory 
one RAM memory and/or one non-volatile memory (paragraph 0030-0034: 
measurement function has access to non-volatile memory and volatile memory to 
access the stored hash program, private key, and the acquired integrity metric in the 
form of a digest). 

Claim 5 is rejected as applied above in rejecting claim 1 . Furthermore, Proudler 
discloses: 

A method as claimed in claim 1 , wherein encryption of the first authorization data 
and of the second authorization data is carried out in the first unit and in the second unit 
(paragraph 001 9, paragraph 0051 : cryptographic processes). 

Claim 6 is rejected as applied above in rejecting claim 1 . Furthermore, Proudler 
discloses: 

A method as claimed in claim 1, wherein the second authorization data are 
obtained from a smartcard or a tag or a label that forms the data earner (paragraph 
0022, 0029, 0044: verification between a smart card and a trusted device). 



Regarding claim 7, Proudler discloses: 
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A circuit for identifying and/or verifying hardware and/or software of an appliance 
and of a data carrier which is provided to cooperate with the appliance, comprising: 

a first unit for identifying and/or verifying the hardware and/or software of the 
appliance (paragraph 0016-0019, 0029-0030, 0041, 0049-0051: sends a nonce to the 
trusted device, and receives a response used to verify the trusted device), comprising a 
central arithmetic unit and at least one memory and an interface to the hardware and/or 
software that is to be identified and/or verified (paragraph 0030-0034: measurement 
function has access to non-volatile memory and volatile memory to access the stored 
hash program, private key, and the acquired integrity metric in the form of a digest), and 

a second unit comprising a central arithmetic unit and at least one memory and 
an interface to an external data carrier and also an interface to the hardware and/or 
software (paragraph 0022, 0029, 0044: verification between a smart card and a trusted 
device), 

wherein a communication interface is provided between the central arithmetic 
units of the first unit and the second unit (paragraph 0041 : communication between 
platforms). 

Claim 8 is rejected as applied above in rejecting claim 7. Furthermore, Proudler 
discloses: 

A circuit as claimed in claim 7, wherein the memories of the first unit and of the 
second unit are formed by a ROM memory and a RAM memory and/or a non-volatile 
memory (paragraph 0030-0034: measurement function has access to non-volatile 
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memory and volatile memory to access the stored hash program, private key, and the 
acquired integrity metric in the form of a digest). 

Claim 9 is rejected as applied above in rejecting claim 7. Furthermore, Proudler 
discloses: 

A circuit as claimed in claim 7, wherein the ROM memories and/or the RAM 
memories and/or the non-volatile memories of the first unit and of the second unit are in 
each case combined to form a common ROM memory and/or a common RAM memory 
and/or a common non-volatile memory (paragraph 0030-0034: measurement function 
has access to non-volatile memory and volatile memory to access the stored hash 
program, private key, and the acquired integrity metric in the form of a digest). 

Claim 10 is rejected as applied above in rejecting claim 7. Furthermore, Proudler 
discloses: 

A circuit as claimed in claim 7, wherein the first unit and the second unit in each 
case comprise an encryption device (paragraph 0019, paragraph 0051 : cryptographic 
processes). 

Claim 11 is rejected as applied above in rejecting claim 7. Furthermore, Proudler 
discloses: 

A circuit as claimed in claim 7, wherein the central arithmetic unit of the first unit 
and the central arithmetic unit of the second unit are combined to form a common 
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central arithmetic unit which common central arithmetic unit has the integrated 
communication interface, and wherein the common central arithmetic unit is connected 
by an interface to the hardware and/or software that is to be identified and/or verified 
(paragraph 0030-0034: measurement function has access to non-volatile memory and 
volatile memory to access the stored hash program, private key, and the acquired 
integrity metric in the form of a digest). 

Claim 12 is rejected as applied above in rejecting claim 7. Furthermore, Proudler 
discloses: 

A circuit as claimed in claim 7, wherein the interface to the external data carrier is 
designed for contactless communication with the external data carrier (paragraph 0022, 
0029, 0044: verification between a smart card and a trusted device). 

Claim 13 is rejected as applied above in rejecting claim 14. Furthermore, Proudler 
discloses: 

A circuit as claimed in claim 7, wherein the external data carrier is formed by a 
smartcard or a tag or a label (paragraphs 0032-0034: label or a smart card). 

Claim 14 is rejected as applied above in rejecting claim 7. Furthermore, Proudler 
discloses: 

An appliance which comprises as hardware at least one central arithmetic unit 
which central arithmetic unit is designed to run software and to obtain data from an 
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external data carrier cooperating with the appliance, wherein a circuit as claimed in 
claim 7 is coupled to the central arithmetic unit (paragraph 0022, 0029, 0044: 
verification between a smart card and a trusted device). 

Claim 15 is rejected as applied above in rejecting claim 14. Furthermore, Proudler 
discloses: 

An appliance as claimed in claim 14, wherein the central arithmetic unit of the 
appliance is coupled via an interface integrated in the central arithmetic unit of the 
appliance to the circuit integrated in the central arithmetic unit (paragraph 0030-0034). 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to KAVEH ABRISHAMKAR whose telephone number is 
(571)272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Kaveh Abrishamkar/ 
Primary Examiner, Art Unit 2431 

IK. A./ 
05/28/2009 

Primary Examiner, Art Unit 2431 



